bvm-radius: use IP rather than DNS in extraCommands
DNS resolution doesn't work during extraCommands, which... is probably reasonable. Let's not do that.
This commit is contained in:
parent
4530991827
commit
f3c38e3bb2
1 changed files with 9 additions and 3 deletions
|
@ -28,9 +28,15 @@ in {
|
||||||
firewall = {
|
firewall = {
|
||||||
extraCommands = ''
|
extraCommands = ''
|
||||||
# Allow JANET inbound RADIUS traffic.
|
# Allow JANET inbound RADIUS traffic.
|
||||||
ip46tables -A nixos-fw -p udp --dport 1812 --src roaming0.ja.net -j nixos-fw-accept
|
# roaming0.ja.net
|
||||||
ip46tables -A nixos-fw -p udp --dport 1812 --src roaming1.ja.net -j nixos-fw-accept
|
iptables -A nixos-fw -p udp --dport 1812 --src 194.82.174.185 -j nixos-fw-accept
|
||||||
ip46tables -A nixos-fw -p udp --dport 1812 --src roaming2.ja.net -j nixos-fw-accept
|
ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:128::185 -j nixos-fw-accept
|
||||||
|
# roaming1.ja.net
|
||||||
|
iptables -A nixos-fw -p udp --dport 1812 --src 194.83.56.233 -j nixos-fw-accept
|
||||||
|
ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:12a::233 -j nixos-fw-accept
|
||||||
|
# roaming2.ja.net
|
||||||
|
iptables -A nixos-fw -p udp --dport 1812 --src 194.83.56.249 -j nixos-fw-accept
|
||||||
|
ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:129::249 -j nixos-fw-accept
|
||||||
|
|
||||||
# Allow inbound RADIUS from authenticators.
|
# Allow inbound RADIUS from authenticators.
|
||||||
ip6tables -A nixos-fw -p udp --dport 1812 --src 2a09:a443::/64 -j nixos-fw-accept
|
ip6tables -A nixos-fw -p udp --dport 1812 --src 2a09:a443::/64 -j nixos-fw-accept
|
||||||
|
|
Loading…
Reference in a new issue